
PROVEN, ADAPTABLE PLATFORM FOR CERTIFIED AVIONICS
LYNX MOSA.ic for Avionics is a set of Lynx software packages, 3rd party technologies, and associated tools which Lynx has proven to reliably work together for rapidly building robust avionics systems, including: - LynxOS-178® (Safety RTOS)
- LynxElement (Unikernel)
- Buildroot (Linux)
- LynxSecure (Separation kernel)
- Lynx Simple Applications (bare-metal apps)
- Certification evidence
- Tools

MODERN SOFTWARE PLATFORMS FOR MODERN PROCESSORS
We've created a video that contrasts the impact of a container-inspired malware attack on a system running a monolithic software stack as opposed to an architecture where different applications are partitioned and isolated from each other. In the video demo specifically, we talk about how a separation kernel, in this case running general purpose operating systems and unikernel guests, can be configured so it is more resilient to cyber attacks than a system running only an operating system using docker containers.
CLICK HERE TO WATCH VIDEO
PLEASE COMPLETE FORM TO ACCESS VIDEO
WHY LYNX FOR AVIONICS?
PRODUCT OVERVIEW
PLEASE COMPLETE FORM TO ACCESS VIDEO
COMPONENT DETAILS
LYNXOS-178 (SAFETY RTOS)
LINUX (BUILDROOT)
LYNXSECURE® (SEPARATION KERNEL HYPERVISOR)
LYNXELEMENT® (UNIKERNEL)
LYNX SIMPLE APPLICATIONS (LSAs)
CERTIFICATION EVIDENCE
TOOLS
FEATURES AND BENEFITS

FOUNDED ON LYNXSECURE
As a true separation kernel, LynxSecure is often defined by what it isn't, as much as by what it is. With LynxSecure there is no system configuration change after startup. This means no hardware re-mapping, device assignment, memory allocation, or changes to security or scheduling policies. With LynxSecure, the system architect can rely on the following facts:
• Guest software CPU cycles are guaranteed
• LynxSecure executable is secure
- No means to load any app. or modify the LynxSecure executable
- Guests cannot access LynxSecure memory
- No shared kernel memory between guests and/or LynxSecure
• Guest-to-Guest communications are secure
- Resources and security policies defined at boot
- User-space, zero copy memory for security-policy enforced guest-guest communications
- Data does not pass through LynxSecure
• Communication (using FIFOs, Ethernet or device emulation) between guest operating systems is highly regulated
- LynxSecure provides a protected, secure channel of communication using a message passing API
- Message transmission is generally asynchronous and unidirectional for security concerns.
- The security policy defines the authorized communication between two different guests and can be defined as
unidirectional or bi-directional